PCI Compliance: Low Risk, High Reward

To stem the rise of identity theft, a group of payment card issuers established a standard in 2004 to bolster electronic networks against customer identity theft. Known as the Payment Card Industry Data Security Standard (PCI DSS), compliance with this set of security requirements is now a mandatory requirement many credit card issuers, including Visa, MasterCard, American Express, and Discover. Retailers who engage in electronic transactions and are not compliant with the PCI DSS requirements are subject to stiff penalties in the event of credit card data theft.

The cost and complexity of establishing PCI DSS-compliant transaction architecture is not insignificant. The time required by retailers to establish total end-to-end compliance on their own, compounded with the time and expense of PCI DSS audits by third-party security certification companies, build a compelling case for working with vendors and service providers who can make the job easier.